Cars, Security and a Peek into my Life
Bet you connected multiple times, too – it’s the site behind iTunes.
See – unless I approve the connection, iTunes doesn’t function.
Interesting eh, a site so many of us use heavily, yet we don’t know its name.
It’s a good idea to monitor connections, learn more here.
CarPlay – the software that allows an iPhone to talk with a car’s dash screen. It arrived in the latest update, iOS 9.
And on the car side, it’s starting to arrive pre-installed in 2016 model year vehicles.
Be mindful when connecting your car to a mobile… ensure the phone is fully updated always, and if you even suspect it may contain malware, don’t connect.
A signed thank you from the CEO of Apple, neat eh.
Last night, the hacking group AntiSec posted 1 million UDIDs online, claiming they have 11 million more, and that they had stolen them from an FBI laptop in March, when they exploited a Java vulnerability.
Think of it like a serial number for your iOS device, the fingerprint of your phone or iPad. It is a unique, 40-character alpha-numeric number, and is used by Apple, ad networks, and app developers to identity devices.
It has long been touted as insecure (it’s sent back to app developers un-encrypted), and Apple started to phase it out in April.
Your UDID doesn’t mean much on its own, it’s like your driver’s licence number but without information like your name, address, etc. However, according the AntiSec, they found more information attached to the numbers, but stripped it out before posting them online, which I think is kind of them.
From Forbes.com:
If the UDIDs are determined to be real, just what that means about law enforcement and Apple users’ privacy isn’t entirely clear. Much more than passwords or even email addresses, UDIDs are already spread around the Internet by app developers and advertisers–a study by one privacy researcher in 2011 found that 74% of the apps he tested sent a user’s UDID to a remote server. But the same researcher also found that five out of seven social gaming networks he tested allowed users to log in with only their UDID, making a stolen UDID equivalent to a stolen password.
You have to do this on your computer, it’s not displayed on your iPhone.
Connect your phone to your computer. Open iTunes, click on your device in the left column, this screen will look familiar.
Click “Serial Number’, and the number to the right will change to your UUID. You won’t be able to copy & paste this, you’ll have to record it manually.
Next step is to check if yours was one of the million posted online.
The Next Web has created a tool to see your number was on the leaked list.
1 – I can’t guarantee you this is safe. I don’t know Next Web. What I do know though, is I found this link posted on Twitter by Mikko Hypponen, whom I met and interviewed last year at DefCon 19, who is one of the world’s leading experts in information security. I felt confident enough to enter mine. Best I can do, guys.
2 – Don’t paste your entire UUID into the box. Next Web says they’re not storing the UDIDs, but continues that they’re also not being encrypted during this process. The best thing to do is not enter your entire number; I entered only the first half of mine, good enough.
Click here to check yours. Mine came back not leaked, and looked like this:
Call Apple.
Further Reading
Lifehacker – definition of a UDID
The FBI has replied to the claim, made by AntiSec, that it is “totally false”. Privacy-advocacy groups are freaking out. AntiSec then said it won’t say another word, until journalist Adrian Chen poses in a tutu, on the Gawker homepage for 24 hours.
The hashtag #FBI has been trending on Twitter all day, that’s rare. If you’re following the story out there, be careful what you click.
Gizmodo posted a good article, “Why You Shouldn’t Freak Out if Hackers Leaked Your Apple Device ID”
And I learned about being a part of the news cycle.
That was neat: I saw the news about the leak early this morning, there were about 4 stories online, by the time I hit publish on mine, 350+
— KeriBlog (@KeriBlog) September 4, 2012
I’ve gotten away with using an ’07 copy of Final Cut Express, until now. Until my new laptop. I miss it a bit, I was super lightening fast.
I used some of the failed footage from Thursday to figure it out the new software.
Remember when I was pumped about that codec a few weeks back? That was part of this process, which is now done *wipes forehead*.
How to explain why I love it.… it’s the getting lost in the story, throwing the footage around the timeline, trimming and transitions, now add in some music oh YA now we’re talking! fist pump your screen!… now you’re conducting with your left hand while your right clicks the crap out of your mouse, 4 hours have passed and you have no cue, you’re too lost in creating and LOVE IT.
I’m not a fan of the new way of transitions… they’re all too fancy, and it tries to force me to put them on both ends of the clip, dumb.
You can export the video straight to YouTube, slick. And the new method of importing clips, really slick.
Have a great Monday! I’ve got a presentation to finish here, more on that soon, and start saving your pennies… Canada is deleting them as you know, and I’ve got a great thing for you to do with them for charity.
Here’s to a good start to your week today, TTY on Twitter,
